Cybersecurity Introduction
Okay, so what I'm not gonna do in this article is tell you to use stronger passwords. Set up 2FA, use A VPN, any of those generic basic security tips that you can find anywhere on the internet. What I'm gonna share with you are seven important security tips that I think most people aren't doing because they aren't even aware that they need to. So stick around.
1. Setup a Secret Email
|
| 1.Setup-a-Secret-Email |
One of the first things that you can do to create stronger security for yourself online is to set up a separate email address for your banking investments and other really highly sensitive online logins. Essentially what I'm saying here is you don't want your primary email address, that's the one that you're using for all of your communications. Whenever you email somebody or you sign up for something, you don't want that to be the same as the email that you use for your logins for your bank and your investments. And more than likely, that is the case right now.
Now, the primary reason for doing this is to limit the effectiveness of any kind of phishing campaign. So right now, because I don't use my primary email for my banking when I get some kind of scam or phishing campaign to my email, my personal email address telling me that, oh, this Amazon purchase was this you for 500 and something dollars, I know that that wasn't actually my bank because my bank doesn't email that account. My bank only emails this secret email address that I don't give anywhere else. I don't use it for communication. The only thing I use it for is my banking and investments, and that makes hacking that account also a lot harder.
Now, thankfully, setting this up really isn't that hard. Just create a separate secret email account. You can do that in Gmail. Just set up a new email account, or I suggest you open a private or an encrypted email address through something like Tuda or Proton, which is what I use. You create that address, you go into your bank and then you just swap your email address for the one that is the secret secure email address that you can use from then on out.
2. Tap vs Credit Card
|
| 2.Tap-vs-Credit-Card |
If you were to follow me around nowadays, you would rarely ever see me pull out my credit card and swipe it or plug it into any of the kiosks where they're asking for my payments. The main reason for that is that I don't want any of these retailers, any of these places to have my actual credit card number. Now, when you're doing this online, you can create a virtual credit card. You can do that through something like privacy.com that I've talked about before. But in your day-to-Day life, it is very easy to set up tap to pay on something like your phone or whatever smartwatch you have.
I know for a lot of people there's maybe this immediate skepticism about the security of using tap to pay or the security of using something like your watch or something to tap over and make payment. But the reality is, is that when you put your card onto Google Pay or Apple Pay or something like that, when you tap on those little devices, it doesn't give over your actual credit card number. So if I'm paying for something at Starbucks using tap to pay, they're not getting my actual credit card number, they're just getting a token it. If you were to actually look at it, you would see it's not your actual credit card number. It is a different number that Apple or Google or whatever service you use gives over just for that one period and authorizes that one payment.
And so now I'm not giving out my credit card number to every single merchant in every single place where I'm making a purchase. I am just tapping to pay and getting out what is essentially a one-time use credit card number, and now I don't have to worry about when something happens that they're using that information improperly. I haven't given them any information that they can actually use.
Now, setting this up is also easy. All you have to do is go into either Apple, pay your wallet, or Google Pay the wallet there and set up your card. You just input all the details of your card. And now whenever it's time for me to go and pay, I just double click on this and the same thing. And then after I scan, I can then it gives me the option to be able to say, okay, it's time to now tap and pay for whatever it is that I'm wanting to pay for.
3. Create Unique User Names
|
| 3.Create-Unique-User-Names |
You know how in the world of let's say government security where two different people have to have two separate keys, plug 'em in at the same time and turn it in order to launch a missile. When it comes to our online logins, our two keys are our username and our password. And thanks to the fact that our username has been compromised probably multiple times in breaches throughout the years, this key is basically already in hand for people. So now all they have to do is know your password, guess your password or brute force, figure out your password and now they can get into your accounts.
What most people don't realize is that you can create unique username emails alongside your unique strong passwords, and that adds an even greater level of security to all of your online logins. Now, the challenge here is that it is really difficult and time consuming to go back into the archive of what's probably hundreds of online logins to change that username email into something that's unique. But what you can do is set yourself up so that now going forward, every new account that you create has both a strong password and a unique username email.
Now, the way that you set this up is really dependent on the software and the devices that you use. So for example, if you're an Apple user, they have the Hide my email feature that's available to anybody that uses their iCloud service. I believe that one password has their own partner that they do this with, and I use Proton, and they purchased Simple Login that allows you to create unique username emails very, very easily. And of course, there's always the option to just do the email add-on, which is, let's say you have your email address and before that at Symbol you just do a plus and then add something else. Let's say you're creating a Netflix account so you can have your regular email address plus netflix@gmail.com or whatever email address that you have that's a unique email address. I mean, it's not nearly as strong as creating a truly random email address for your username, but I think it's better than just having the same email address for everything that you use to log in.
4. Start a Credit Freeze
|
| 4.Start-a-Credit-Freeze |
Set up a credit freeze. This is one of those things that is so simple to do and so incredibly effective that I don't know why more people don't decide to go and do it. There are a number of different credit bureaus. Now in the US we have the top three, but around the world, this is actually becoming something that even people outside the US need to consider doing. Essentially, whenever you are going to apply for more credit, whether that's a credit card, a loan, or anything like that, even sometimes it has to do with a background check, they're going to do what's called a credit pull. It could be a hard or a soft pull.
When that happens, if you have a credit freeze, you're basically telling that credit bureau that they are not allowed to release your information and give the approval for that credit. So if somebody signs up for a credit card in your name or tries to access your credit to get a loan using your name, they won't be able to do so. And I know what you might be thinking, what if I need to set up a credit card or what if I'm going to buy a car and I need to, you know, borrow money to do so? Well, it's very simple to go in and do what's known as thawing your credit freeze. Basically it's putting that credit freeze on pause.
I've done it multiple times and it has never been an issue for me. Sometimes I'll forget that I have the credit freeze and I'll apply for something. They'll deny me and say, Hey, we couldn't pull your credit. Oh, I'm sorry. I'll go in and thaw that and say, try to run it again. They will, everything goes fine. And then less than 24 hours later, my credit freeze kicks back in.
I don't care if you're already checking your free credit report multiple times a year, or if you have another company that's monitoring your credit 24 7, there really is no good reason not to set up a credit freeze on your accounts.
I don't know if you've seen in the news, but there have been a lot of data breaches happening recently, including one that had over 2.9 billion records stolen. You know, I get a lot of emails from people asking what they can do about all their personal information that's floating out there online. And there are some easy steps like setting up a credit freeze that I suggest everybody needs to do. But there are also these data brokers that are collecting our personal information such as our name, email address, physical address, phone number, even our location data, packaging it up and selling it out, and we have the legal right to have that information removed from their servers.
5. Use THIS Instead of Public WiFi
|
| 5.Use-THIS-Instead-of-Public-WiFi |
Alright? For me, I'm not a big fan of going into an airport, a coffee shop or any other public location and connecting directly to that wifi. Now, one of the ways that people get around that is by using A VPN, but the reality is is that most public wifi is already slow. You add a VPN on top of that and it gets really slow. What I like to do is that instead of connecting to the public wifi, I like to tether to my mobile data.
I don't know about you, but most of the time when I connect and tether to my mobile wifi, that's a lot faster than going through the public wifi. But more than that, I would rather know who I'm trusting when I'm connecting to the internet, which in this case would be my mobile provider. I know a lot of us maybe don't trust our mobile provider, but at least knowing who I'm using, I can know, okay, I'm gonna use A VPN or I wanna make sure I know what I'm doing when I'm doing that as opposed to public wifi. Most of the time we don't even know who's implementing that public wifi. What company is it and am I connecting to the right wifi anyway?
6. Turn off Bluetooth and WiFi
|
| 6.Turn-off-Bluetooth-and-WiFi |
Now, I admit that this one tip might be a little bit harder for us to implement, but most of us walk around with the wifi and Bluetooth on our mobile devices constantly on. Like we never turn it off unless we go onto an airplane or something like that. Now the fact is, is that when you have wifi and Bluetooth enabled all the time, your phone is constantly looking for signals searching for something to connect to, and that is an open threat vector that people could exploit.
The biggest challenge here is obviously convenience. I mean, I wanna be able to just put my headphones in and have it automatically connect my phone as opposed to getting into the settings and turning on the Bluetooth every time that I do that. But if you can just get yourself into the habit of turning off wifi and Bluetooth every time you leave your house, that's one way to do it. Or you could even set up a shortcut or an if this then that where it says anytime you leave the location of either your home or your office, that Bluetooth and wifi are turned off. And then anytime that you are in those locations that it's turned on.
So there are some automated ways that you can do this, but really it's more about just being focused on making sure that you're turning this off and on when it's not necessary and when it is necessary.
7. Protect Against Phone Theft
|
| 7.Protect-Against-Phone-Theft |
Alright, the last tip that I'll give here is a really easy one and it has to do with phone theft. This is something that's become more and more common. People are having their phones stolen all the time and we put so much on our phones that one, it's a threat if it is taken. Not to mention the fact that it is really, really inconvenient for us to, to replace that and make sure that we're logging into everything.
So first things first, I would make sure that you have a backup of your phone, whether you do that with some kind of cloud service or you connect it to your computer and manually back up your phone once every couple months maybe. But that's important. The other side of this though is to set up what each device has in terms of stolen device protection. So iOS, as of iOS 17, has something that is literally called stolen device protection. So if you go into your settings into security and privacy and scroll all the way down, you can turn on stolen device protection.
For Android, they have theft detection lock, which is its own thing that you can turn on. They're also trying to use AI to determine when a phone has been taken. This is all part of just an effort to be able to make sure that if that phone is stolen, no data, no personal information, no damage can be done to you by the person that is taken that device. And hopefully that device becomes just unusable because they've taken it and you're able to activate the stolen device protection.
A bonus tip for any Apple users out there when iOS 18 comes out in September, you can actually hard press on any app and force face id. So a lot of times we've had it where you know you can have face id, but then it backs up to the phone code. In this way, it's very similar to stolen device protection, but in this way you can actually force that an app has to open using your face id, even if that's not part of their login process.
Closing Remarks
So those are my seven little known, but what I consider to be very important security tips that I think most people aren't doing. So if you have a moment, leave a comment to let me know which one of those was most interesting to you, and if you think there's one I'm missing, I'd love to hear about that as well.
